Validating SOAP messages

When you use the CICS® web services you can specify that the SOAP messages are to be validated to ensure that they conform to the schema that is contained in the web service description. You can validate both provider and requester mode applications.

Before you begin

During development and testing of your web service deployment, full validation assists in detecting problems in the message exchange between a service requester and a service provider. However, complete validation of the SOAP messages carries a substantial overhead, and it is inadvisable to validate messages in a fully tested production application.

CICS uses a Java™ program to validate SOAP messages. Therefore, you must have Java support enabled in your CICS region to validate SOAP messages.

About this task

The SOAP message is validated before it is transformed into an application data structure and when a SOAP message is generated from the application data structure. The SOAP message is validated using the XML schema in the WSDL and is validated again against the transformation requirements of CICS. You can use the WSDL file specified in the WSDLFILE attribute of the WEBSERVICE resource or a WSDL file contained in the .zip file specified in the ARCHIVEFILE attribute of the WEBSERVICE resource. If both attributes are specified, the WSDL file in the archive file specified in the ARCHIVEFILE attribute is used.

When validation is turned off, CICS does not use the Java program. CICS validates SOAP messages only to the extent that is necessary to confirm that they contain well-formed XML, and to transform them. Therefore a SOAP message might be successfully validated but then fail in the runtime environment and vice versa.

Procedure

  1. Set up an OSGi JVM server in the CICS region. SOAP validation using DFHPIVAL will only run in an OSGi framework, not in an Axis2 or Liberty profile JVM.
    1. Install the sample JVM server DFH$JVMS in group DFH$OSGI or create your own JVM server.
      For more information, see Setting up a JVM server.
    2. If you created your own JVM server, modify the DFHPIVAL program definition in group DFHPIVAL to reference the name of the JVMSERVER resource. The DFHPIVAL definition is not locked and can be edited. By default, the definition references DFH$JVMS.
  2. Ensure that you have a web service description associated with your WEBSERVICE resource.
    This association is created for WEBSERVICE resources that are automatically created when a WSDL file or a .zip file that contains one or more WSDL files is present in the pickup directory of the pipeline during a pipeline scan.

    For WEBSERVICE definitions that are created with RDO, the web service description is specified with the WSDLFILE attribute.

  3. Turn web service validation on by specifying VALIDATION=YES attribute of the WEBSERVICE resource.
    You can specify whether validation is required when you define the resource, and you can change this setting after the resource is installed.

Results

Check the system log to find out whether the SOAP message is valid. Message DFHPI1002 indicates that the SOAP message was successfully validated, and message DFHPI1001 indicates that the validation failed.

What to do next

Turn validation off when you no longer need it.